Novell Home

It has probably been a few years since any industry analyst or expert has referred to Novell BorderManager as a high-profile, up-andcoming product. But that doesn't change the fact that BorderManager has been quietly providing thousands of NetWare shops with solid, stable and complete perimeter protection services for nearly a decade.


As Novell has moved aggressively toward becoming a Linux solution provider, many BorderManager customers have expressed legitimate questions and concerns about the future of BorderManager, which runs exclusively on NetWare. And to be perfectly frank, Novell has faltered at times in its efforts to provide a clear, practical path forward for BorderManager customers.

"Probably the most exciting thing about BorderManager 3.9 for me is that it exists! I support many, many clients who absolutely love their BorderManager servers, and who are happy to see a new version come out with continuing support and development from Novell. BorderManager is a unique product, and there is simply nothing out there that can replace the unique combination of features it has."

—Craig Johnson,
Owner,
Craig Johnson Consulting

Fortunately, a new release of Novell BorderManager definitively resolves these concerns by providing NetWare customers with significantly improved perimeter protection capabilities today—while simultaneously creating a transition to a future version of Novell Access Manager that will offer many of the same border security capabilities on the Linux platform.

> Introducing BorderManager 3.9
BorderManager 3.9 is scheduled to release during the first half of 2007. Like earlier versions, it will offer robust, tried-and-tested Internet access controls, content filtering capabilities, secure virtual private networking (VPN) services and firewall services designed to protect network perimeters, secure networking resources and improve end-user productivity. (See Figure 1.)

But BorderManager 3.9 also features significant improvements that provide more advanced access control and security capabilities and make the product much easier to administer and manage. And much like Novell Open Enterprise Server, BorderManager 3.9 supports the Novell open enterprise vision by facilitating and easing the transition to future Novell border protection solutions running on Linux.

> Unified Management, Administration and Monitoring
Perhaps the most visible improvement in BorderManager 3.9 is the new, unified management and administration framework. With BorderManager 3.9, you can configure proxy services, distribute those configurations to your devices and configure and monitor your VPN services—all using the same iManager-based device management console. This eliminates the confusion and inconvenience of using different Novell tools like NetAdmin or ConsoleOne to manage different sets of BorderManager services.

Of course, this also allows BorderManager 3.9 to join a growing number of newer Novell products and services that use the Webbased iManager interface for configuration, management and administration, including future versions of Novell Access Manager. Going forward, this means greater efficiency as you adopt updated Novell access, identity and security management solutions in your organization. (See Figure 2.)

> Improved Proxy Auditing, Logging and Reporting
Novell's efforts to unify and simplify BorderManager services don't stop with its new administration and management framework.

BorderManager 3.9 also features improved proxy reporting. This includes moving BorderManager's proxy services monitoring capabilities from NWAdmin to a Web-based console. These improvements make it possible to manage all your BorderManager services more effectively, spot and correct perimeter security problems more quickly, and gain a more comprehensive picture of your border security situation.

> Enhanced Proxy Services
BorderManager 3.9 also features a number of new enhancements to its familiar proxy services. This includes increasing the number of URL-based blocking categories from 73 in the current version to 128 in BorderManager 3.9. The upcoming version of BorderManager also features support for Active FTP in its FTP-Proxy services.

With the release of BorderManager 3.9, Novell is making an official commitment to support and maintain the product for three full years from its release date.

> Enhanced VPN Services
Improvements to BorderManager's VPN services include new preshared key authentication support for site-to-site BorderManager users and a VPN client for SUSE Linux Enterprise 10 and other Linux users. (See Figure 3.)

> Full Service and Support
With the release of BorderManager 3.9, Novell is making an official commitment to support and maintain the product for three full years from its release date, in accordance with standard Novell product lifecycle policies. This means that BorderManager can remain a viable, up-to-date border security option for your business for the next several years, whether you choose to continue running NetWare or begin the process of migrating to Linux.

What's New in BorderManager 3.9?
  • Unified administration, management, logging and reporting for all BorderManager services based on iManager
  • Expanded category-based URL blocking with 128 categories
  • Active FTP support in FTP-Proxy
  • Intuitive new interface for managing site-to-site VPN services
  • Pre-shared key-based authentication support for site-to-site VPN services
  • Improved VPN client support for Linux and Windows XP/2000
  • New VPN client for SUSE Linux Enterprise 10 and other Linux users
  • Designed for a smooth, easy transition to a future version of Novell Access Manager

> Your Path Forward: From BorderManager 3.9 to Novell Access Manager
Together, all of these improvements and enhancements make BorderManager 3.9 an excellent perimeter protection option for organizations running NetWare. But as more Novell customers transition from NetWare to Linux—BorderManager 3.9 also provides a clear, logical path forward for BorderManager customers in a variety of different circumstances.

In general terms, that path forward consists of making many of BorderManager's proven capabilities available in a future version of Novell Access Manager. This new product will combine sophisticated role- and identity-based access control, multi-factor authentication, data encryption, policy management and compliance assurance capabilities with improvements to many of BorderManager's existing perimeter protection services. Novell Access Manager will also use the same iManager framework to manage all of the product's access management services, so you can leverage the IT management skills you build with BorderManager 3.9.

For more concrete terms for varying scenarios, see What Should I Do?

What Should I Do?

Following are some recommendations for BorderManager customers in specific situations:

BorderManager customers planning to run NetWare for the foreseeable future
BorderManager has always been the best, most complete perimeter protection solution for the NetWare platform. With its new unified management capabilities, enhanced logging and reporting, improved proxy and VPN services, and full support and maintenance for three years, BorderManager 3.9 remains an obvious, excellent choice for organizations that plan to continue to use NetWare.

Organizations preparing to transition to Linux
If your business is looking for a BorderManager-like perimeter protection solution that runs on Linux, Novell recommends an upgrade to a future version of Novell Access Manager, which will incorporate much of BorderManager's current functionality. This new version of Novell Access Manager will include a Linux Access Gateway that supports client trust for single sign-on to proxied applications, forward proxy services, SSL VPN services, site-to-site security and an impressive range of other identity- and role-based access control, policy management and compliance assurance capabilities.

If you need border protection capabilities on Linux right now, you can run BorderManager 3.8 on VMWare—or run BorderManager 3.9 on either VMWare or NetWare ViX.

Organizations looking for a traditional unified threat management solution
Neither BorderManager 3.9 nor Novell Access Manager will provide antivirus, antispam or other traditional threat management capabilities. Novell Security Manager by Astaro, which currently offers these capabilities, is no longer available from Novell. As a result, if you're looking for a traditional unified threat management solution, Novell recommends purchasing the Astaro Security Linux product or a comparable thirdparty offering.

Current Novell Security Manager by Astaro customers
Astaro is offering existing Novell Security Manager customers a smooth migration path to its Astaro Security Linux product, and Novell is continuing to work with Astaro to provide tight integration with eDirectory and easy interoperability with Novell products. Although Novell Security Manager by Astaro is no longer offered as a Novell product, it will continue to be an excellent unified threat management option that works well with Novell Access Manager and other Novell products.

> Learn More About BorderManager 3.9
Whether your organization is planning to stay with NetWare for the foreseeable future—or move more quickly to the Linux platform—BorderManager 3.9 can offer you outstanding perimeter protection services today and a smooth, secure path into the future. Visit novell.com/bordermanager for more details on BorderManager 3.9. And find out why BorderManager is still the best choice for your business. red N



© 2014 Novell